Pages

Blog is moving

My blog is moving to http://victormendonca.com/blog/. If you are looking for a specific or older post you are in the right place Otherwise check out my new page for more up to date content.

Thursday, June 7, 2007

known_hosts Clean Up

Have you ever got the following message:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!Someone could be eavesdropping on you right now (man-in-the-middle attack)!It is also possible that the RSA host key has just been changed.The fingerprint for the RSA key sent by the remote host is5c:9b:16:56:a6:cd:11:10:3a:cd:1b:a2:91:cd:e5:1c.Please contact your system administrator.Add correct host key in /home/user/.ssh/known_hosts to get rid of this message.Offending key in /home/user/.ssh/known_hosts:1RSA host key for [host or IP] has changed and you have requested strict checking.Host key verification failed.

This usually means that the host IP or name is not matching the entry recorded on known_hosts file. This would be as easy as deleting the entry on the known_hosts file and try to reconnect, but apparantelly on Ubuntu, those entries are encrypted.

This adds security, and if I'm not mistaken is also an option that can be configured on other distros.

If you open you know_hosts file (~/.ssh/known_hosts) you'll see that it looks something like this: